auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.env;
  23
  24 import java.security.Principal;
  25
  26 import javax.servlet.ServletRequest;
  27 import javax.servlet.http.HttpServletRequest;
  28
  29 import org.onap.aaf.auth.rserv.TransFilter;
  30 import org.onap.aaf.cadi.CadiException;
  31 import org.onap.aaf.cadi.Connector;
  32 import org.onap.aaf.cadi.TrustChecker;
  33 import org.onap.aaf.cadi.principal.TaggedPrincipal;
  34 import org.onap.aaf.cadi.principal.TrustPrincipal;
  35 import org.onap.aaf.misc.env.Env;
  36 import org.onap.aaf.misc.env.LogTarget;
  37 import org.onap.aaf.misc.env.Slot;
  38 import org.onap.aaf.misc.env.TimeTaken;
  39 import org.onap.aaf.misc.env.Trans.Metric;
  40
  41 public class AuthzTransFilter extends TransFilter<AuthzTrans> {
  42         private AuthzEnv env;
  43         public Metric serviceMetric;
  44         public static Slot transIDslot,specialLogSlot;
  45
  46         public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";
  47         public static final String SPECIAL_LOG_SLOT = "SPECIAL_LOG_SLOT";
  48
  49         public static final int BUCKETSIZE = 2;
  50
  51         public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException {
  52                 super(env.access(),con, tc, additionalTafLurs);
  53                 this.env = env;
  54                 serviceMetric = new Metric();
  55                 serviceMetric.buckets = new float[BUCKETSIZE];
  56                 if(transIDslot==null) {
  57                         transIDslot = env.slot(TRANS_ID_SLOT);
  58                 }
  59                 if(specialLogSlot==null) {
  60                         specialLogSlot = env.slot(SPECIAL_LOG_SLOT);
  61                 }
  62         }
  63
  64         @Override
  65         protected AuthzTrans newTrans() {
  66                 AuthzTrans at = env.newTrans();
  67                 at.setLur(getLur());
  68                 return at;
  69         }
  70
  71         @Override
  72         protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
  73                 trans.set((HttpServletRequest)request);
  74                 return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
  75                 " IP: " + trans.ip() +
  76                 " Port: " + trans.port()
  77                 , Env.SUB);
  78         }
  79
  80         @Override
  81         protected void authenticated(AuthzTrans trans, Principal p) {
  82                 trans.setUser((TaggedPrincipal)p); // We only work with TaggedPrincipals in Authz
  83         }
  84
  85         @Override
  86         protected void tallyHo(AuthzTrans trans) {
  87                 Boolean b = trans.get(specialLogSlot, false);
  88                 LogTarget lt = b?trans.warn():trans.info();
  89
  90                 if(lt.isLoggable()) {
  91                         // Transaction is done, now post full Audit Trail
  92                         StringBuilder sb = new StringBuilder("AuditTrail\n");
  93                         // We'll grabAct sub-metrics for Remote Calls and JSON
  94                         // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
  95                         Metric m = trans.auditTrail(lt,1, sb, Env.REMOTE,Env.JSON);
  96
  97                         // Add current Metrics to total metrics
  98                         serviceMetric.total+= m.total;
  99                         for(int i=0;i<serviceMetric.buckets.length;++i) {
 100                                 serviceMetric.buckets[i]+=m.buckets[i];
 101                         }
 102
 103                         Long tsi;
 104                         if((tsi=trans.get(transIDslot, null))!=null) {
 105                                 sb.append("  TraceID=");
 106                                 sb.append(Long.toHexString(tsi));
 107                                 sb.append('\n');
 108                         }
 109                         // Log current info
 110                         sb.append("  Total: ");
 111                         sb.append(m.total);
 112                         sb.append(" Remote: ");
 113                         sb.append(m.buckets[0]);
 114                         sb.append(" JSON: ");
 115                         sb.append(m.buckets[1]);
 116                         lt.log(sb);
 117                 } else {
 118                         // Single Line entry
 119                         // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
 120                         StringBuilder content = new StringBuilder();
 121                         Metric m = trans.auditTrail(lt,1, content, Env.REMOTE,Env.JSON);
 122                         // Add current Metrics to total metrics
 123                         serviceMetric.total+= m.total;
 124                         for(int i=0;i<serviceMetric.buckets.length;++i) {
 125                                 serviceMetric.buckets[i]+=m.buckets[i];
 126                         }
 127
 128                         StringBuilder sb = new StringBuilder();
 129                         sb.append("user=");
 130                         Principal p = trans.getUserPrincipal();
 131                         if(p==null) {
 132                                 sb.append("n/a");
 133                         } else {
 134                                 sb.append(p.getName());
 135                                 if(p instanceof TrustPrincipal) {
 136                                         sb.append('(');
 137                                         sb.append(((TrustPrincipal)p).personalName()); // UserChain
 138                                         sb.append(')');
 139                                 } else {
 140                                         sb.append('[');
 141                                         if(p instanceof TaggedPrincipal) {
 142                                                 sb.append(((TaggedPrincipal)p).tag());
 143                                         } else {
 144                                                 sb.append(p.getClass().getSimpleName());
 145                                         }
 146                                         sb.append(']');
 147                                 }
 148                         }
 149                         sb.append(",ip=");
 150                         sb.append(trans.ip());
 151                         sb.append(",port=");
 152                         sb.append(trans.port());
 153 //                      Current code won't ever get here... Always does a Full Audit Trail
 154 //                      Long tsi;
 155 //                      if((tsi=trans.get(transIDslot, null))!=null) {
 156 //                              sb.append(",TraceID=");
 157 //                              sb.append(Long.toHexString(tsi));
 158 //                      }
 159                         sb.append(",ms=");
 160                         sb.append(m.total);
 161                         sb.append(",meth=");
 162                         sb.append(trans.meth());
 163                         sb.append(",path=");
 164                         sb.append(trans.path());
 165
 166                         if(content.length()>0) {
 167                                 sb.append(",msg=\"");
 168                                 int start = content.lastIndexOf(",msg=\"");
 169                                 if(start>=0) {
 170                                         sb.append(content,start+6,content.length()-1);
 171                                 } else {
 172                                         sb.append(content);
 173                                 }
 174                                 sb.append('"');
 175                         }
 176
 177                         trans.warn().log(sb);
 178                 }
 179         }
 180
 181 }